<?php
// SomeryC, a webcomic script by Zachary Weston Lewis
// Based on Somery by Robin de Graaf
// Copyright 2005-2007
// SomeryC is distributed under the Artistic License (see LICENSE.txt)
//
// ADMIN/PROFILE.PHP > 31-08-2007

$start = TRUE; include("system/include.php"); if ($checkauth) { ?>
<h1 id="profile">Profile</h1>
<?php
if (!$action) {
   $result = mysql_query("SELECT * FROM ".$prefix."profile WHERE username = '$user'");
   while($row=mysql_fetch_object($result)) {
      $username = $row->username;
      $nickname = $row->nickname;
      $firstname = $row->firstname;
      $lastname = $row->lastname;
      $gender = $row->gender;
      $dob = $row->dob;
      $country = $row->country;
      $city = $row->city;
      $email = $row->email;
      $url = $row->url;
      $icq = $row->icq;
      $msn = $row->msn;
      $aim = $row->aim;
      $yim = $row->yim;
      $avatar = $row->avatar;
      $signature = $row->signature;
      $getmail = $row->getmail;
   }
   if (!$nickname) $nickname = $user;
   if ($dob) {
      $dobm = substr($dob,0,2);
      $dobd = substr($dob,2,2);
      $doby = substr($dob,4,4);
      if ($dobm{0} == "0") { $dobm = ereg_replace("0","",$dobm); }
      if ($dobd{0} == "0") { $dobd = ereg_replace("0","",$dobd); }
   }
   echo "<form method='post' action='".$PHP_SELF."'>
      <input type='hidden' name='action' value='update'>";
   echo "<table><tr><th colspan='2'><h2>system information</h2></th></tr>
      <tr><td>login</td>
          <td>$username</td></tr>
      <tr><td>level</td>
          <td>".$levelname[$userdata['level']];
   if ($userdata['level'] > 0 && $userdata['level'] <= 4) {
      echo " (";
      while ($foo < $userdata['level']) {
         $foo++;
         echo "*";
      }
      echo ")";
   } else {
      if ($level != 0) echo "(invalid level)";
   }
   echo "</td></tr>";
   echo "<tr><th colspan='2'><h2>personal information</h2></th></tr>";
   echo "<tr><td>nickname</td><td><input size=50 name='nickname' type='text' value='".$nickname."'></td></tr>";
   echo "<tr><td>first name</td><td><input size=50 name='firstname' type='text' value='".$firstname."'></td></tr>";
   echo "<tr><td>last name</td><td><input size=50 name='lastname' type='text' value='".$lastname."'></td></tr>";
   echo "<tr><td>gender</td><td>";
   if ($gender == 0) echo "<input type='radio' name='gender' value='0' CHECKED> male <input type='radio' name='gender' value='1'> female";
   if ($gender == 1) echo "<input type='radio' name='gender' value='0'> male <input type='radio' name='gender' value='1' CHECKED> female";
   echo "</td></tr>";
   echo "<tr><td>date of birth</td><td><select name='dobm'>";
   $foo = 0;
   while ($foo != 12) {
      $foo++;
      if ($foo == $dobm) {
         echo "<option value='$foo' selected>$months[$foo]";
      } else {
         echo "<option value='$foo'>$months[$foo]";
      }
   }
   echo "</select><select name='dobd'>";
   $foo = 0;
   while ($foo != 31) {
      $foo++;
      if ($foo == $dobd) {
         echo "<option value='$foo' selected>$foo";
      } else {
         echo "<option value='$foo'>$foo";
      }
   }
   $foo=0;
   echo "</select><select name='doby'>";
   $foo = 1900;
   while ($foo != 2000) {
      $foo++;
      if ($foo == $doby) {
         echo "<option value='$foo' selected>$foo";
      } else {
         if ($foo == 1970) {
            echo "<option value='$foo' selected>$foo";
         } else {
            echo "<option value='$foo'>$foo";
         }
      }
   }
   echo "</select></td></tr>";
   echo "<tr><td>country</td><td><input size=50 name='country' type='text' value='".$country."'></td></tr>";
   echo "<tr><td>city</td><td><input size=50 name='city' type='text' value='".$city."'></td></tr>";
   echo "<tr><th colspan='2'><h2>contact information</h2></th></tr>";
   echo "<tr><td>email</td><td><input size=50 name='email' type='text' value='".$email."'></td></tr>";
   echo "<tr><td>receive email<br />announcements?</td><td>";
   if ($getmail == 1) echo "<input type='radio' name='getmail' value='1' CHECKED> Yes <input type='radio' name='getmail' value='0'> No";
   if ($getmail == 0) echo "<input type='radio' name='getmail' value='1'> Yes <input type='radio' name='getmail' value='0' CHECKED> No";
   echo "</td></tr>";
   echo "<tr><td>icq</td><td><input size=50 name='icq' type='text' value='".$icq."'></td></tr>";
   echo "<tr><td>msn</td><td><input size=50 name='msn' type='text' value='".$msn."'></td></tr>";
   echo "<tr><td>aim</td><td><input size=50 name='aim' type='text' value='".$aim."'></td></tr>";
   echo "<tr><td>yim</td><td><input size=50 name='yim' type='text' value='".$yim."'></td></tr>";
   echo "<tr><th colspan='2'><h2>other information</h2></th></tr>";
   echo "<tr><td>url</td><td><input size=50 name='url' type='text' value='".$url."'></td></tr>";
   echo "<tr><td>avatar</td><td><input size=50 name='avatar' type='text' value='".$avatar."'></td></tr>";
   echo "<tr><td valign=top>signature</td><td><textarea name='signature' rows=7 cols=50>".$signature."</textarea></td></tr>";
   echo "<tr><th colspan=2><h2>change password</h2></th></tr>";
   echo "<tr><td>current password</td><td><input size=50 name='cpass' type='password' value='".$cpass."'></td></tr>";
   echo "<tr><td>new password</td><td><input size=50 name='npass' type='password' value='".$npass."'></td></tr>";
   echo "<tr><td>verify password</td><td><input size=50 name='npass2' type='password' value='".$npass2."'></td></tr>";
   echo "<tr><td colspan='2'><input type='submit' value='Save Changes' /></td></tr>";
} elseif ($action == "update") {
   if ($dobm || $doby || $dobd) {
      if ($dobd < 10) $dobd = "0".$dobd;
      if ($dobm < 10) $dobm = "0".$dobm;
      $dob = $dobm.$dobd.$doby;
   }
   if ($cpass) {
      loaduser($user);
      $tpass = md5($cpass);
      if ($userdata['password'] != $tpass) echo $error[1];
      elseif (!$npass && !$npass2) echo $error[4];
      elseif ($npass != $npass2) echo $error[9];
      elseif ($npass == $npass2) {
         $npass = md5($npass);
         $result = mysql_query(
            "UPDATE ".$prefix."users SET
            password='".$npass."'
            WHERE username='$user'"
         );
      }
   }
   if ($avatar) {
      $avatarleft = substr($avatar,0,7);
      if ($avatarleft != "http://") $avatar = "http://".$avatar;
   }
   if ($url) {
      $urleft = substr($url,0,7);
      if ($urleft != "http://") $url = "http://".$url;
   }
   $signature = cleanstring($signature);
   if (!$nickname) $nickname = $login;
   if (!$email) {
      echo $error[10];
   } else {
   $result = mysql_query("UPDATE ".$prefix."profile SET
      nickname='".strip_tags($nickname)."',
      firstname='".strip_tags($firstname)."',
      lastname='".strip_tags($lastname)."',
      gender='".strip_tags($gender)."',
      dob='$dob',
      country='".strip_tags($country)."',
      city='".strip_tags($city)."',
      email='".strip_tags($email)."',
      url='".strip_tags($url)."',
      icq='".strip_tags($icq)."',
      msn='".strip_tags($msn)."',
      aim='".strip_tags($aim)."',
      yim='".strip_tags($yim)."',
      avatar='".strip_tags($avatar)."',
      signature='".strip_tags($signature)."',
      getmail='".strip_tags($getmail)."'
   WHERE username='$user'");
   echo "<meta http-equiv=Refresh content=0;URL='profile.php'>";
   }
} elseif ($action == "view") {
   $result = mysql_query("SELECT * FROM ".$prefix."profile WHERE username = '$username'");
   while($row=mysql_fetch_object($result)) {
      $username = $row->username;
      $nickname = $row->nickname;
      $firstname = $row->firstname;
      $lastname = $row->lastname;
      $gender = $row->gender;
      $dob = $row->dob;
      $country = $row->country;
      $city = $row->city;
      $email = $row->email;
      $url = $row->url;
      $icq = $row->icq;
      $msn = $row->msn;
      $aim = $row->aim;
      $yim = $row->yim;
      $avatar = $row->avatar;
      $signature = $row->signature;
   }
   if (!$nickname) $nickname = $login;
   if ($dob) {
      $dobm = substr($dob,0,2);
      $dobd = substr($dob,2,2);
      $doby = substr($dob,4,4);
      if ($dobm{0} == "0") { $dobm = ereg_replace("0","",$dobm); }
      if ($dobd{0} == "0") { $dobd = ereg_replace("0","",$dobd); }
   }
   echo "<h2>system information</h2><table>";
   echo "<tr><td>login</td><td>$username</td></tr></table>";
   echo "<h2>personal information</h2><table>";
   echo "<tr><td>nickname</td><td>$nickname</td></tr>";
   echo "<tr><td>first name</td><td>$firstname</td></tr>";
   echo "<tr><td>last name</td><td>$lastname</td></tr>";
   echo "<tr><td>gender</td><td>";
   if ($gender == 0) echo "male";
   if ($gender == 1) echo "female";
   echo "</td></tr>";
   echo "<tr><td>date of birth</td><td>".$dobd."/".$months[$dobm]."/".$doby."</td></tr>";
   echo "<tr><td>country</td><td>$country</td></tr>";
   echo "<tr><td>city</td><td>$city</td></tr></table>";
   echo "<h2>contact information</h2><table>";
   echo "<tr><td>email</td><td>$email</td></tr>";
   echo "<tr><td>icq</td><td>$icq</td></tr>";
   echo "<tr><td>msn</td><td>$msn</td></tr>";
   echo "<tr><td>aim</td><td>$aim</td></tr>";
   echo "<tr><td>yim</td><td>$yim</td></tr></table>";
   echo "<h2>other information</h2><table>";
   echo "<tr><td>url</td><td>$url</td></tr>";
   echo "<tr><td>avatar</td><td>$avatar</td></tr>";
   echo "<tr><td>signature</td><td>$signature</td></tr></table>";
}
?>
<?php }; $start = FALSE; include("system/include.php"); ?>
